$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143721.roa File: AS143721.roa (raw, json) Hash identifier: owfYOzSwa3HATd1S5MfMZisKqDEtVOIbd9/tvBGodgM= Subject key identifier: D6:05:7C:58:19:2B:7D:40:2F:28:B9:71:23:64:17:59:A4:19:6A:31 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 48E7943075FDC4F7386D1F4B10B9C6EE0EE11F2A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143721.roa Signing time: Wed 04 Mar 2026 06:13:30 +0000 ROA not before: Wed 04 Mar 2026 06:08:30 +0000 ROA not after: Wed 03 Mar 2027 06:13:30 +0000 asID: 143721 IP address blocks: 240a:a42f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:e7:94:30:75:fd:c4:f7:38:6d:1f:4b:10:b9:c6:ee:0e:e1:1f:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:30 2026 GMT Not After : Mar 3 06:13:30 2027 GMT Subject: CN=D6057C58192B7D402F28B97123641759A4196A31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:55:2a:4d:11:92:d5:62:6d:f7:ca:55:03:49: d8:5a:23:28:6b:d3:4c:65:95:0c:74:a9:9e:ca:5e: 7c:28:37:e3:35:52:a3:77:96:1b:5c:ea:9e:1d:20: af:b8:d4:d4:d2:f4:c3:27:21:44:57:27:a1:c9:1b: 55:3d:6d:6f:16:4f:df:23:9a:32:1e:98:95:5b:c9: 25:2f:67:73:69:75:71:76:e5:f5:45:f0:08:6e:2b: 1a:68:0c:66:a2:e0:61:81:a9:34:ce:fa:03:1c:7f: b8:7d:b4:9e:57:c1:25:a3:ef:85:1a:36:3b:15:3e: 57:4d:e3:bf:45:d8:22:af:33:81:8c:25:bc:06:8a: 06:8a:02:5b:a3:2a:51:94:ea:8f:91:0c:7f:c2:f7: e5:b3:f5:99:ed:e6:bc:1f:8a:c7:a1:0a:7f:6f:b4: 77:03:c8:c4:32:8c:be:47:45:93:ff:02:7b:d5:f3: 52:b5:06:6f:08:96:f4:20:fc:3a:b5:17:0a:da:64: f2:a0:4d:d6:25:bd:36:d5:2e:9c:98:6e:7e:f0:03: c8:3e:9e:b1:ee:eb:27:81:d4:36:2b:2f:41:f2:d9: bb:2a:b8:09:cc:6f:23:26:ae:e5:74:fc:20:76:ad: b6:85:8a:e8:3e:d7:cd:4f:ad:6b:90:de:71:fa:76: 09:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:05:7C:58:19:2B:7D:40:2F:28:B9:71:23:64:17:59:A4:19:6A:31 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143721.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a42f::/32 Signature Algorithm: sha256WithRSAEncryption 72:69:9b:48:64:f1:9f:46:72:e5:24:24:6b:17:d1:53:25:71: 4a:fb:e8:a9:e6:61:57:a4:7a:7a:36:3e:52:96:f8:df:26:9f: cd:55:42:31:6e:3e:ce:dc:c5:13:77:ce:7c:0f:52:29:be:a2: f0:9c:49:93:54:1e:cc:9f:cc:84:03:a3:8d:30:a9:16:1a:d8: a2:4e:d9:f2:47:48:90:b9:b5:53:87:71:c5:7f:00:27:46:f0: 14:35:3c:d4:7e:ef:15:5d:dc:b4:e5:6d:cf:26:15:ca:09:33: d5:33:09:c9:e3:8c:2f:8e:8e:92:2b:90:c7:c7:cf:28:ae:ec: 99:10:97:5f:11:1b:47:b9:6d:d5:aa:e6:c4:43:b5:cf:4d:90: 6b:87:77:ea:2a:a6:ef:9d:93:b2:2d:f3:ea:18:4f:83:f2:7d: 16:5c:fe:7e:59:72:69:fe:a3:9e:23:f7:f8:c2:06:5f:74:2e: c4:d3:90:9a:12:ee:c4:df:71:47:1e:a8:04:b1:00:ad:23:2e: 28:50:7b:48:40:93:cb:c5:94:80:45:c5:fe:85:7a:70:a9:72: 38:6c:3a:c4:15:2c:19:5d:63:37:47:04:5b:de:65:51:97:17: 71:6d:b4:73:37:a2:22:cb:9c:66:d0:06:a2:0e:4c:49:6c:a4: ae:5f:82:f8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSOeUMHX9xPc4bR9LELnG7g7hHyowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgzMFoX DTI3MDMwMzA2MTMzMFowMzExMC8GA1UEAxMoRDYwNTdDNTgxOTJCN0Q0MDJGMjhC OTcxMjM2NDE3NTlBNDE5NkEzMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALJVKk0RktVibffKVQNJ2FojKGvTTGWVDHSpnspefCg34zVSo3eWG1zqnh0g r7jU1NL0wychRFcnockbVT1tbxZP3yOaMh6YlVvJJS9nc2l1cXbl9UXwCG4rGmgM ZqLgYYGpNM76Axx/uH20nlfBJaPvhRo2OxU+V03jv0XYIq8zgYwlvAaKBooCW6Mq UZTqj5EMf8L35bP1me3mvB+Kx6EKf2+0dwPIxDKMvkdFk/8Ce9XzUrUGbwiW9CD8 OrUXCtpk8qBN1iW9NtUunJhufvADyD6ese7rJ4HUNisvQfLZuyq4CcxvIyau5XT8 IHattoWK6D7XzU+ta5Decfp2CVECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTWBXxY GSt9QC8ouXEjZBdZpBlqMTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzcyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pC8wDQYJKoZIhvcNAQELBQADggEBAHJpm0hk8Z9GcuUkJGsX0VMlcUr76KnmYVek eno2PlKW+N8mn81VQjFuPs7cxRN3znwPUim+ovCcSZNUHsyfzIQDo40wqRYa2KJO 2fJHSJC5tVOHccV/ACdG8BQ1PNR+7xVd3LTlbc8mFcoJM9UzCcnjjC+OjpIrkMfH zyiu7JkQl18RG0e5bdWq5sRDtc9NkGuHd+oqpu+dk7It8+oYT4PyfRZc/n5Zcmn+ o54j9/jCBl90LsTTkJoS7sTfcUceqASxAK0jLihQe0hAk8vFlIBFxf6FenCpcjhs OsQVLBldYzdHBFveZVGXF3FttHM3oiLLnGbQBqIOTElspK5fgvg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:49 2026 by rpki-client